CISM Exam QuestionsBrowse all questions from this exam

CISM Exam - Question 1074


When an organization experiences a disruptive event, the business continuity plan (BCP) should be triggered PRIMARILY based on:

Show Answer
Correct Answer: D

A Business Continuity Plan (BCP) is generally triggered based on management direction. While factors such as the expected duration of the outage, the root cause of the event, or the type of security incident may influence the decision, it is ultimately the management's responsibility to evaluate the situation and decide when to activate the BCP. This ensures a coordinated and controlled response to the disruptive event.

Discussion

4 comments
Sign in to comment
shootnotOption: A
Apr 18, 2024

A- Why not D, because Management direction or decision to activate BCP will be based on some criteria which is primarily 'A'. Why not 'C', because BCP could be non-security event based trigger as well.

ssdnyOption: D
Mar 24, 2024

I think D

helg420Option: D
May 17, 2024

i agree with D. Incident response procedures should dictate the process to enact BCP and thats usually at management discretion. the expected duration will be just one of the many variables to consider

1899f17Option: C
May 28, 2024

C. type of security incident.